Membership Inference Attacks on Sequence-to-Sequence Models: Is My Data In Your Machine Translation System?
This addresses data privacy concerns for machine learning as a service providers, but it is incremental as it extends existing attack methods to a new model type.
The paper tackles the problem of membership inference attacks on sequence-to-sequence models, specifically in machine translation, by defining the problem, providing an open dataset, and reporting initial results on whether these models leak private information.
Data privacy is an important issue for "machine learning as a service" providers. We focus on the problem of membership inference attacks: given a data sample and black-box access to a model's API, determine whether the sample existed in the model's training data. Our contribution is an investigation of this problem in the context of sequence-to-sequence models, which are important in applications such as machine translation and video captioning. We define the membership inference problem for sequence generation, provide an open dataset based on state-of-the-art machine translation models, and report initial results on whether these models leak private information against several kinds of membership inference attacks.